Author: Aymeric Vitte 2017-02-24 17:29:50
Published on: 2017-02-24T17:29:50+00:00
The discussion in the email thread revolves around the security of hashing files continuously as opposed to hashing intermediate steps. The concern is that hashing files continuously can give more latitude to attackers. One suggestion for addressing this issue involves using a real-time progressive hash of chunks of a file being streamed, which is similar to how hashing trees would work. This approach involves updating the hash after each chunk is received and not starting from scratch every time. However, Tim Ruffing points out that this method may still be vulnerable to attacks where an attacker can provide different past files when talking to parties who are still in the initial state. Another concern raised is whether it is easier to find a collision between two files that will be computed in the next round than finding a collision between two files only. Overall, the email thread discusses the vulnerabilities and limitations of different approaches to hashing files.
Updated on: 2023-06-11T21:49:19.380992+00:00